This is a bad opinion. The court reaches the correct result that 47 USC 230 doesn’t immunize an employer for an employee’s activities. However, in reaching that fairly obvious result, the opinion—completely gratuitously—denigrates Section 230 in ways that seem designed to shrink Section 230’s footprint in other types of cases. Making the immunity more limited as binding Illinois law will lead to plenty of unnecessary and costly mischief with no countervailing benefit. As a result, this opinion would benefit from an appeal to the Illinois Supreme Court to clean up the doctrinal sloppiness, even if the Supreme Court affirms the substantive ruling.

Background

Although the court speaks in euphemisms, this long-running case (since 2007) apparently involves a love triangle. McGrew was a Southwest Airlines flight attendant. It seems that both McGrew and Lansing had competing interests in the same person. In efforts to allegedly thwart his rival, for over 2 years starting in 2004, the plaintiff alleges that McGrew:

used his access to defendant’s resources to make harassing telephone calls and send over 1,000 harassing and threatening text messages or e-mails to plaintiff. According to plaintiff, McGrew threatened that, as a supervisor, he knew when people made reservations on his flights and would prevent plaintiff and his family members from flying by placing them on terrorism “no fly” lists with defendant and its affiliated airlines. Further, McGrew emphasized his position and authority with defendant, threatened to “haunt” and “completely ruin” plaintiff, and asserted that no one would believe any complaints plaintiff might lodge against McGrew. As time progressed, McGrew’s messages and e-mails became increasingly violent, mentioned plaintiff’s family members by name, and were transmitted directly to plaintiff’s family members and professional colleagues.

Lansing alleges that he contacted Southwest five times in 2005 and 2006 regarding McGrew’s behavior, but Southwest didn’t terminate McGrew until August 2006.

Section 230 and Employment Law

The trial court dismissed Lansing’s lawsuit against Southwest based on Section 230. While I appreciate the sentiments behind that ruling, it’s probably wrong. I’ve consistently argued that Section 230 ordinarily shouldn’t apply to lawsuits against employers for employees’ activities. We have only one case where that argument worked–California’s 2006 Delfino v. Agilent case–and that was an awkward opinion at best. (This opinion denigrates it as unpersuasive).

After all, the legal identity of employees and employers is usually co-extensive; which means that for Section 230’s purpose, each employee’s materials should be treated as first-party content of the employer. Now, employees sometimes do rogue things, but Section 230 doesn’t need to police that; the substantive doctrines (such as negligent supervision) should have internal limits (scienter, causation, etc.) that restrict plaintiff overclaims for rogue employee behavior.

The Appellate Opinion

The appeals court starts off on a good note, saying Southwest Airlines meets the threshold consideration for the immunity’s eligibility: “an employer like defendant qualifies as a provider or user of an ICS because defendant uses an information system or service that multiple users, like defendant’s employees, use to access the Internet.”

Then, in rejecting Southwest’s argument that Section 230 should be interpreted broadly, the court gets into serious trouble:

We agree with the analysis of the Seventh Circuit that section 230(c) “as a whole cannot be understood” as granting blanket immunity to an ICS user or provider from any civil cause of action that involves content posted on or transmitted over the Internet by a third party. Craigslist, Inc., 519 F.3d at 669, 671. Neither section 230’s title (“Protection for private blocking and screening of offensive material”) nor subsection (c)’s caption (“Protection for ‘Good Samaritan’ blocking and screening of offensive material”) suggests that section 230 provides immunity for a negligence action based upon the defendant’s failure to supervise its employee.

Oh no. Not this again. Are courts really going to determine the scope of a seminal statutory immunity by reference to the titles/header? Ugh.

In support of this, the court partially responds to strawmen positions. I didn’t check Southwest Airline’s briefs, but generally no one asserts that Section 230 grants “blanket immunity to an ICS user or provider from any civil cause of action that involves content posted on or transmitted over the Internet by a third party.” That would be factually wrong. For example, Section 230 has three important statutory exclusions (IP, federal criminal prosecutions, ECPA and state law equivalents). But except for the statutory exclusions, Section 230 does, in fact, immunize intermediaries for “any civil cause of action that involves content posted on or transmitted over the Internet by a third party.” The caselaw is entirely clear on this—and even the 7th Circuit Craigslist case supports that realpolitik conclusion.

The court keeps digging its hole (and, to mix metaphors, hacking down strawmen):

The CDA was not enacted to be a complete shield for ICS users or providers against any and all state law torts that involve the use of the Internet. Such an overly broad interpretation of the CDA is inconsistent with the statutory purpose to encourage the restriction of objectionable or inappropriate online material.

The first sentence is another strawman. Of course Section 230 is not a “complete shield for ICS users or providers against any and all state law torts that involve the use of the Internet.” So what?

On the second sentence, the court totally whiffed on the “statutory purpose.” The judges should reread Section 230(b), where Congress explicitly lays out its policy objectives for Section 230. Section 230 (b) doesn’t once mention the goal of restricting access to objectionable/inappropriate material online. Indeed, while Section 230(c)(2) does seek to advance that goal, Section 230(c)(1) doesn’t have any language of the sort.

Sadly, this court got befuddled by the cruft in Easterbrook’s Seventh Circuit opinions where Easterbrook tried to collapse 230(c)(1) and 230(c)(2). This was a wild statutory reading that I believe no other court has agreed with. But here’s a state appellate court locking into its binding statutory interpretation a goal that Congress never actually expressed–and that conflicts with Congress’ expressed policy goals. Great…

The court tops off this mess by concluding that the negligent supervision claim doesn’t treat the employer as the publisher/speaker of the rogue employee’s emails and texts. For example, the court says “holding defendant liable for its failure to supervise its employee after defendant had received notice of the employee’s wrongful conduct does not treat defendant as if it were the publisher or speaker of the alleged e-mails and texts.”

Superficially, that’s true, but it misses the key point: negligence claims synthetically impose accountability for someone else’s speech, and that’s exactly what Section 230 is designed to preempt. Indeed, the seminal Zeran v. AOL case was a negligence case quite similar to this one: Zeran alleged that AOL was negligent in several respects, including failing to cut off the anonymous tortfeasor who was harassing Zeran. And the Ninth Circuit’s Barnes v. Yahoo ruling–a case that Yahoo partially lost–thoughtfully reiterated that Section 230 preempted a tort claim for “negligent undertaking” (in that case, the failure to promptly withdraw content). The court unpersuasively tries to distinguish Barnes:

plaintiff’s theory of liability is not based on defendant allowing McGrew access to the Internet to publish inappropriate and defamatory electronic messages and then failing to either monitor his messages or prevent them from being sent or somehow remove them. Rather, plaintiff, seeks to hold defendant liable for failing to investigate plaintiff’s complaint about McGrew’s wrongful conduct, reprimand him, and timely suspend or terminate his employment. Specifically, plaintiff alleged that he repeatedly notified defendant that McGrew was using his position of employment with defendant and defendant’s equipment and resources to harass and threaten plaintiff and his family, friends, and professional colleagues. Clearly, the duty plaintiff alleges defendant violated is not derived from any behavior by defendant that is similar to publishing or speaking.

Replace the concept of “employment” with “user relationship” and you’ll see how the court’s logic is completely inconsistent with the precedent. Every plaintiff wants to argue that it’s not suing for a user’s posts but for the website’s negligent failure to terminate the user or remove the posts—and many plaintiffs have done exactly that to attack Section 230, with no success. I can’t list all of the “I’m just arguing negligence” cases completely, but start with cases like Doe v. MySpace from the Fifth Circuit and the related Doe II v. MySpace from California to see how the courts have recognized, and then emphatically rejected, a negligence claim as an impermissible backdoor bypass to Section 230’s publisher/speaker prong. (There are so many others, I’m just citing two cases off the top of my head).

Instead of screwing up the publisher/speaker prong, the court should have said that, for Section 230 purposes, an employee’s content is first-party content to the employer and therefore Section 230 doesn’t apply. See a related example in the context of a message board moderator: Cornelius v. DeLuca (holding a website operator liable for its agents’ acts). This is counterintuitive because McGrew was allegedly a rogue employee, in which case his emails and texts had nothing to do with advancing his employer’s interests. Compare Maypark v. Securitas Security Services USA; Amira Jabbar v. Travel Services. Treating Lansing’s allegations as true, it’s logical to ask the question why Southwest didn’t do more to rein in McGrew after Lansing complained, but this isn’t a Section 230 issue because of the principal’s presumptive responsibility for its agents’ actions. Perhaps we’d be better off if Section 230 jurisprudence said categorically that employers can’t claim Section 230 for employee activities because of their common identity. On the plus side, that would keep courts from doing a gratuitous Section 230 sideswipe like this court did.

Implications

This opinion is good law on the question of Section 230’s lack of applicability to employer’s liability for their employees’ activities. So long as other courts restrict their reading of this opinion to that specific holding, no damage has been done. But the rest of the discussion—gratuitous, poorly researched, hyperbolic dicta—is not good law and should never be cited favorably by another other court.

Worse, the opinion may falsely encourage plaintiffs to think they have a chance to end-run Section 230 in Illinois state court. It exacerbates the implicit encouragement that Judge Easterbrook gave Illinois plaintiffs with his sloppy Doe v. GTE opinion and the follow-on “I was right in Doe v. GTE, dammit!” opinion in the Craigslist case. But the reality is that Illinois plaintiffs haven’t succeeded in getting around Section 230 (see, e.g., Dart v. Craigslist, a particularly spectacular plaintiff failure), and they won’t succeed in the future either, so plaintiffs will be wasting their time—and defendants’ time and money—chasing this fool’s gold. For keying up those unnecessary resource allocations, fie on this appellate panel for going where they didn’t need to go and weren’t prepared to go properly.

This opinion reinforces the fears that some Section 230 enthusiasts have expressed over the years that defendants are over-asserting the immunity, creating the opportunity for a judge to undercut the immunity generally while disposing of the weak Section 230 argument. That’s exactly what happened here. Southwest Airlines’ hard-to-support Section 230 argument was so easy for the court to knock down, it felt emboldened to say more than it needed to—to the detriment of all of us.